H

Creating Business Objects

Present day business environment provides numerous challenges with respect to the use of IT hardware and software resources. Consider a case where a small-sized organization needs to expand its employee base. In this case, the organization would require additional hardware and software resources for the new employees. Ensuring that these new hardware and software resources are compatible with the requirements of the employees as well as cost efficient is a challenge in itself. During the course of its expansion, the organization may at times be required to purchase costly hardware and software resources, which may not fulfill all the requirements of the organization, when used in isolation. In such cases, the organization might be compelled to purchase some other supplementary hardware or software resources that might be equally expensive, which would further add to the cost of the organization. However, the organization, at times, might not use all the features of all the hardware or software resources acquired, which would in turn lead to non-optimal use for these resources. Similarly, when the organization expands, it needs to increase its data storage as well as security capacity. Maintenance of these data storage resources is also a demanding challenge for the organization. Further, the need to ensure effective backup and restore policies and disaster management strategies also increases as the organization expands and enters into new avenues of business. This would, in turn, mean incurring further costs with respect to installation of additional servers and related hardware resources. Moreover, if the existing resources of the organization are not compatible with the newly acquired resources, it would also create problems and lead to further costs. Imagine a situation where the organization invests in these types of resources every time it decides to expand! Now consider a situation where instead of investing in such resources, the organization has the option of a dynamically scalable and virtual computing environment provided over the Internet. Such a virtual computing environment would not only be scalable to accommodate increased requirements, but would also cost less (only once, perhaps) even when the organization decides to expand multiple times. This is exactly what the concept of cloud computing offers. In this appendix, you learn about the cloud in more detail, such as its architecture, service, and computing. You also learn about the Windows Azure platform. Lets start the discussion with the cloud.

Defining the Cloud

The cloud is a combination of hardware, networks, storage, services, and interfaces that helps in delivering the computing as service. It has broadly three users which are end user, business management user, and cloud service provider. The end user is the one who uses the services provided by the cloud. The business management user in the cloud takes the responsibility of the data and the services provided by the cloud. The

Appendix H

cloud service provider is the one who takes care or responsible for the maintenance of the IT assets of the cloud. The cloud acts as a common center for its users to fulfill their computing needs. The best feature about the cloud is that it is scalable, which means it can easily expand and contract. The scalability allows providing the additional resources to the user whenever needed and releasing or reverting the resources when they are no longer needed by the user. The cloud expands when the demand of the resources arises and contracts when the resources are released. The four basic characteristics of cloud are given as follows: Scalability Self-service provisioning and automatic de-provisioning Application programming interfaces(APIs) Billing model The characteristics of the cloud help both type of companies, i.e., the provider company, which provides the cloud services, and the client company, which uses the services on the cloud. The provider companies have integrated the services provided by the application software and deployed that on the cloud. The client can now utilize the software as a service on rental basis. This helps them to know whether the service is useful for them or to know the extent of the usage of the service and also helps the company, as they have to spend less on the advertisement of the software. Besides this, it is also useful for clients as this saves their additional costs of purchasing the software whenever their requirement changes. They can utilize the other services which are based on the changed requirements using the billing model feature. This billing model helps in calculating the cost of the usage of the service by a particular client.

The cloud offers the services that executes in the cloud environment and fulfill the need of HR management, financial analysis, inventory management, and risk management for the clients. It has now become a popular way of selling the software as service. Lets take example of Facebook, which provides a social networking website that maintains the profile of the user including images and other embedded Web based applications in the website. It has millions of user which means that it needs hardware in large amount for the storage of the data. Whenever the data of the user or the numbers of the user increases, the company requires additional set of hardware sometimes at runtime. The storage need is fulfilled with the help of cloud as it can provide hardware at runtime, if required, because of its scalability feature. This prevents their additional costs of purchasing the hardware and software whenever needed. It also allows the developers to develop their application on the cloud and executes on it with the additional set of hardware. Besides Salesforce.com, another well known company that offers cloud service is eBay. It is a well known auctioneer of items on Internet and provides services to five lakhs small businesses. After discussing about the cloud technology, now lets understand the cloud architecture.

Cloud Architecture
The cloud has its architecture based on the services which it provides to the end user. Different service provider companies have built different architecture of cloud based on the requirements and demands of the clients. The commonly used cloud architecture consists of large data centers having management fabric, which acts as a communication medium between the server, the hardware, and the operating systems and also automates the deployment of virtual operating system images on server hardware. The cloud data center consists of many servers of large storage capacity for storing operating system images. The management fabric controls the deployment process by allocating and de-allocating the hardware and operating system images as and when required. When a user deploys the service on the cloud, the management fabric deploys the operating system images and the users service on the servers. After the service is deployed on the servers, it can be used easily when requested by the client. The service can have multiple instances that can be created if the demand and the requirements of the service are high. The usage of the service is purely based on the billing model of the cloud. Figure H.1 shows the fundamental cloud data center architecture:

Creating Business Objects

Figure H.1: Displaying the Cloud Data Center Architecture

The cloud architecture includes some fixed hardware assets such as load balancers, switches, routers, and Domain Name System (DNS) servers that help in the management of work load distribution across multiple instances of the server. The architecture also includes important components such as metering, billing, and reporting that empowers the architecture with the ability to measure and report the usage of the service by a particular user. The measurement and reporting of the service are used for calculating the rent of the service by the client. The cloud can have geographically distributed data centers for providing geo-located services to provide the data across the world. Due to geo-located services, the user can access the service from anywhere in the world to access the required data whenever needed. Different service providers may have different implementation and approach to this pattern. The cloud architecture is built by keeping in mind that it can provide generalized services to the client. The generalized service attracts lot of customers, and therefore, raises the profits. The cloud architecture also ensures that the data of one customer must not be mixed with the other. The good cloud architecture helps to increase the number of customers faster than the traditional approach of developing the software for providing the services. The cloud saves tremendous amount of time and money of the clients; therefore, helps in running their business smoothly. The differences between the cloud data centers and traditional data centers are given as follows: The purpose of construction of a cloud data center is different than traditional data centers The scale used for building the cloud data center differs from the scale used for building traditional data centers The cloud data center handles different workloads than the traditional data center The building cost of cloud data center is more than the traditional data centers The traditional data centers use the process of purchasing the hardware but the cloud data centers orders the manufacture of hardware according to the needs After discussing the benefits of the cloud now, lets discuss cloud computing.

Cloud Computing
The cloud computing is the computing which is based on the Internet. It can also be defined as the next stage in the evolution of the Internet. The cloud computing uses the cloud that provides the way to deliver the services whenever and wherever the user of the cloud needs. Companies use the cloud computing to fulfill the needs of

Appendix H

their customers, partners, and providers. The cloud computing includes vendors, partners, and business leaders as the three major contributors. The vendors are the one who provides applications and their related technology, infrastructure, hardware, and integration. The partners are those who offer cloud services demand and provide support service to the customers. The business leaders are the one who uses or evaluates the cloud service provided by the partners. The cloud computing enables the companies to treat their resources as a pool, and not as independent resource. Lets understand the need of the cloud computing in a business organization by an example. Whenever there is a recruitment of employee in the company, it has to provide various hardware and software to the employee required to perform the job. The company also has to ensure about the licenses of the software along with the arrangement of hardware. This traditional way gives additional expense to the company. However, with cloud computing, the company has to load a single application which provides the interface to use the various software needed by an employee. In other words, the cloud computing handles the workload efficiently. It decreases the work load of local computers during the execution of the application. The cloud computing handles the work load instead of local computers and also decreases the demand from the users end. The only software required by the users system is interface software which act as a Web browser, and the rest of the computing handles by the cloud.

Cloud Service
The cloud service is a service that is used to build cloud applications. The advantage of cloud application is that it provides the facility of using the cloud application without installing it on the computer. It reduces the maintenance and support of the application as compared to those applications that are not developed using the cloud service. In ASP.NET 4.0, the cloud service or applications can be created by using the Windows Azure platform. This platform provides Windows-based compute and storage service for cloud applications. The different kind of users can use the application from the cloud service, which may be public or private application. The Windows Azure platform helps developers to build highly useful applications for clients. Some important features of the cloud service are given as follows: Accessing and managing of commercial software Centralizing the activities of management of software in the Web environment Developing applications capable of managing several clients Centralizing the updating feature of software that eliminates the need of downloading the upgrades Some of the advantages of cloud service are given as follows:

Helps in the utilization of investment in the corporate sector; and therefore, is cost saving. Helps in the development of application using the cloud service that is scalable and robust. Previously, the scaling took months, but now, scaling takes less time. Helps in saving the time in terms of deployment and maintenance.

Modeling of Service
There are three distinct models in which the different services can be grouped. The different cloud service delivery models are Infrastructure as a Service (IaaS), Platform as a Service(PaaS), and Software as a Service(SaaS). The purpose of IaaS is to provide storage and compute resources that developers and IT organizations can use to offer customized business solutions. It delivers servers, networking technology, storage, and data center space as a service and also includes the delivery of operating systems and virtualization technology to manage the resources. The nature of the service is paid for on a usage basis. This service includes dynamic scaling by which a user can request for more resources than expected. Dynamic scaling controls helps in meeting the user requirements. It has agreed-upon service level arrangement in which the provider is agree to provide the resources on availability and on demand. This model is used by the Amazons Elastic Compute Cloud(Amazon EC2).It allows users to access virtual machines by providing Web interface. Amazon EC2 offers the elasticity and scalability by which it can easily increase or decrease the resources to meet the user needs. Companies that are involved in research intensive projects use IaaS. It also allows scientific and medical researchers to perform testing and analysis to those stages that are not possible without additional computing resources. The other organizations which require additional computing resources can empower their data

Creating Business Objects

centers by using IaaS. They can fulfill their requirements by renting the computer hardware, such as servers, networking technology, storage, and data center space and not by purchasing them. The provider can deliver additional amount of infrastructure with PaaS. It offers solution stack which is a mutually inclusive set of software to help developers at the time of development of application and its execution. PaaS can be seen as an evolution in the field of Web hosting and provides lifecycle management of all software development phases, such as planning, design, building, deployment, testing, and maintenance. It decreases the maintenance effort as the application is deployed on the cloud. PaaS supports all the Web service standards and often delivers with the dynamic scaling which means that the software can extend and shrink its services. The Open PaaS has removed the problem of vendor lock-in and offers the same idea as PaaS except there is no constraint on making the choice of development software. The examples of PaaS include Google App Engine, and Force.com. The SaaS model was used when the cloud service was first implemented as a business application. Application service provider used SaaS in the hosting of application earlier. SaaS offers customer relationship management applications and hosting of chain of applications. The use of SaaS has reduced the cost of implementation of application of the company and to satisfy the internal business requirements. SaaS offers number of advantages; and therefore, it is in demand of vendors and the customers. One of the advantages is that it offers service on per-use basis and involves no hidden costs from the service provider. Another benefit is that the user gets the flexibility to test new software on rental basis and then on satisfaction can adopt the software. Business of the company also gets the benefit with the reduction in capital expenditures. SaaS also provides security and reliability by incorporating Virtual Private Networks (VPNs).This enables the user to transfer the data securely over the network, such as Internet. The example of SaaS is yahoo mail which can handle millions of users.

Deploying of service
The service can be used only after its deployment on the network. The access of service is then given to the users to fulfill their requirements. The service is considered successful if it satisfies the users needs. Service providers provide the services by reducing the Internet specific threats, such as denial of service. There are three kinds of deployment models in a cloud service, which are as follows:

Private cloudAllows the usage of services by a single client on private network. The benefits of this model are data security, corporate governance, and reliability concerns. The private cloud is used by the organization when it has a huge, well-run datacenter having lot of spare capacity. It is also used when an organization is providing IT services to its clients and the data of organization is highly important. It is best suited when the requirements are critical. The characteristics of this model are given as follows: Provides capability to internal users and allows provision of services Automates the tasks of management and provides the billing of consumption of a particular service Offers a well managed environment Enables the optimization of computational resources, such as servers Manages the workload of the hardware

Offers self-service based provisioning of hardware resources and software Public cloudImplements the key characteristics such as elasticity, scalability, and self service provisioning. The public cloud is open to anyone. You can use public cloud to collect data of the purchasing of items from a Web site on the Internet. You can also use public cloud for the reasons, which are given as follows: Helps when application to be used by large number of people, such as an e-mail application, on the Internet Helps when you want to test the application and also needs to develop the application code Helps when you want to implement the security for the application Helps when you want to increase the computing capacity Helps when you are working on the projects in collaboration

Appendix H

Helps when you are developing the project on ad-hoc basis by using PaaS

Hybrid cloudConsists of multiple service providers. This model integrates various cloud services for Hybrid Web hosting. It is basically a combination of private and public cloud features. It is used by the company when a company has requirements that can be fulfilled by the features of both the private and public clouds. Consider an example when an organization wants to implement SaaS application throughout in the company. The implementation requires security that can be provided by the private cloud used inside the firewall. The additional security can be provided by the VPN on requirement. Now, the organization has both the private and public cloud features. Community cloudProvides a number of benefits, such as privacy and security. This model, which is quite expensive, is used when the organizations having common goals and requirements are ready to share the benefits of the cloud service.

Managing Cloud Workloads

Cloud environment requires lot of hardware, software, networking, and services together. Therefore, making a cloud work efficiently, the workloads has to be managed properly and it should be well structured and organized. The workload can be defined as an independent service or set of code that can be executed. It can be everything from a data-intensive workload to storage or a transaction processing workload and doesnt rely upon the outside elements. The workload can be considered as a small or complete application. You must manage the applications or components running in the cloud and handle the things during the peak loads. The organization manages workloads because of the following reasons: To know how their applications are running To know what functions they are performing To know the charges of the individual department according to the use of the service There are two types of workload exist in the cloud environment. The first type of workload is that executes in batch mode at any time and the second type of workload is that the one which executes in real time. The interface of workload is based on Extensible Markup Language (XML). The advantage of XML interface is that it keeps the data independent of each implementation. The workloads with well defined interfaces let the software to function properly in the cloud environment and make the maximum profitability from the customers. Handling workloads in the traditional data center is a tedious task but the cloud data center makes it easier. The workloads within the cloud and in the organization environment must be linked together for a well functioning of cloud infrastructure. The workload is incomplete unless it is in context with asset management which is done by license management, technology evaluation, and capability planning.

Whenever an organization deploys a workload on the cloud, they should be aware of which internal
applications and groups use that workload or service. If there is any modification in the workload, the concerned persons should be given alert or not. During the management of cloud based workload or even hybrid workloads, the organization must ensure that they are managing the configuration data efficiently and properly. The configuration management software helps in defining the workload and recognizes the modifications to those workloads. Company must review the series of workloads and test them for their integrity and proper functioning. In other words, the requirements for a company that wants to deal with workloads are incorporate security, coordination, workflow, and dependency.

Managing Data in the Cloud

Any organization, who wants to implement the cloud computing, thinks about the security of the data first irrespective of the nature of the cloud. Without securing the data in the cloud environment, no organization can dare to implement the cloud. Even if the organization has well defined security of the data, different issues occurs with cloud computing while managing the data. The organization must make sure that the IT security strategy should be lined up with cloud data security strategy and also ensures the right balance of protection, privacy, governance, and accessibility to its key resources in the cloud environment. Security risks, threats, and breaches related to data can come in so many forms and from so many places.

Creating Business Objects

Currently, the companies are getting problem of security breaches by their own employees which made their security approaches less effective. The insiders help the hackers to steal the data from the cloud data center. It is very difficult to catch the insider employees because the data in the cloud is managed by them in the data center of the cloud. The cloud provider company and clients must implement some plan to deal with inside as well as outside threats to save the data. Data is of prime importance for any organization; therefore, the proper management of data is of high importance for the business of an organization. The data has five phases in an organization such as creation, modification, security, storage, and destroyed. These phases of data are the normal phases in the cloud data center. The organization has various types of data, such as emails, contracts, images, and blogs. The cloud contains such diverse kind of data of an organization. Therefore, security and privacy of the data is a very big concern. The major areas that are related to security and privacy of data are given as follows: Location of the data in the cloud Control over the data in the cloud Secure transfer of data across the applications in the cloud Cost associated with management of data in the cloud Co-mingling of the data in the cloud Verify the customers accessing the data on the network Verify all software before giving them access to data present in the cloud Encryption of data in the cloud Scan the various applications running on the cloud Cloud secures the data using firewall and it can be used for any number of applications and processes. The data security and privacy is a big issue for companies; therefore, they test data on public cloud environments with smaller and constrained implementations. There are other different types of validation made to ensure the completeness and accuracy of the data that are input, output, and processing. The input validation ensures that the input data to the application must be complete, accurate, and reasonable. The processing validation ensures the processing of the application controls and the modification of data in any type of file. The output validation allows the access of data to the authorized users and the change management ensures the modification of data only by the authenticated users. Backup and recovery measures make the copy of data to recover the data in case of data loss. The data destruction validation ensures deletion of data from everywhere on the physical storage medium in case of permanent deletion of data from the database. The security of data during its transfer from one location to another location is very important and is managed by using VPN by changing the public network of organization as private network. The VPN encrypts the sensitive data of the organization while transferring by using the firewall that acts as a barrier between the public Internet and the private network.

Cloud Security
The Chief Executive Officer (CEO) of an IT company decides that the company would also offer cloud computing after knowing the advantages and profits from the cloud; and therefore, discusses it with the Chief Information Officer (CIO) of the company but the CIO advised the CEO that there is a data security issue related with the cloud. In addition, there are large numbers of applications in the data center that cannot be easily handled. Therefore, the CIO was agreed that the company can focus on the areas, such as testing, software development, storage, and email, for cloud computing by emphasizing on the security and privacy of the data. Initially, there was no security on the PCs in the cloud but after sometime a password and permissions system was added for network wide security based on login. The cloud security also has threat of spoofing, which means pretending to be something authenticated. It is also called phishing attack. In the phishing attack, a false Web site pretends to be a genuine one. The phishing Web site might pretend to be banks Web site and try to get the users financial details. The financial details are then can be used for the wrong purposes. It is very difficult to track the attackers on the Web from where they are operating.

Appendix H

The cloud service providers, approximately 200 in the early stages of the cloud growth, have realized that although the cloud presents a great opportunity, a series of challenges must be overcome. These challenges include security, interoperatibility, portability, management and metering, and governance. They have prepared an open cloud manifesto which contains series of statements related to standards. It is mandatory for every provider to follow the open cloud manifesto before providing the cloud services. An organization must ensure the protection, privacy, governance, and accessibility of all its important resources whether they are using the private or public cloud. The organization takes security measures for monitoring access control and identity management. The network needs to be maintained in a consistent way in cloud data center and hybrid environments. Several companies emphasize on high priority on the testing and monitoring of threats to the data center. They also use technology that tracks person identity to know the access of corporate information by a particular person whether the user resides in the company or an external user. The organization includes various built-in applications and data level protections in their software application and also must consider security services for both the application and the infrastructure. There are many situations when the security measures are not enough. One such situation arises when the security is breached by the people who worked for the company and it is not easy to track the insiders. Therefore, before using cloud service the organization should have a well versed plan to deal with inside or outside threats. There are some steps that should be followed to reduce the security breaches, which are given as follows: Authenticate all the users before giving them access to the network Store all the access permissions so that the user can have access only to that data and applications they have granted access permission Authenticate all software executing on any system and all the modifications to the software Make the process of requesting permissions to access data or applications should be formalized Create the log of all unusual activity by monitoring the network Create the log of user and program activity and make analysis of unexpected behavior Encrypt the important data that needs additional protection Check the modifications in the software exposed to any external users on the Internet regularly Monitor all IT assets related to cloud regularly Manage the licenses of the services Create administration of new resources allocated to customers Establish a software for tracking the devices on the network A well known IT company Google provides an application status dashboard called Google Apps Status Dashboard. Customers or clients can use this Status Dashboard to check on current Google services, such as email, calendar, chat functions, word processing, spreadsheets and presentation software, and video. The dashboard shows the status of each of these applications every day. Whenever a problem occurs, the information about that problem is on the dashboard.

The company also implements the identity management for the security of the data center. They implement the identity management in every important area of the data center of the cloud. It is very important for the protection of the cloud environment because the cloud shares and virtualizes the physical resources across many internal and external clients. The provider must know who has access to what services. Identity management is the primary goal of managing the personal identity information so that access to computer resources, applications, data, and services is controlled properly. It can also be considered as the security area that helps in reducing the security breaches and keeps the financial data safe from unauthorized access. The main benefits of the identity management are given as follows:

Improved user productivity Improved customer and partner service Reduced help desk costs Reduced IT costs

Creating Business Objec cts

Clo oud security is a big concern; and a therefore, standards s and organizations o h have been devel loped to make sure s tha at the right cont trols, procedure es, and technolo ogy are in place e to protect the corporate assets s. The standard ds of Clo oud security are e a set of proces sses, policies, an nd best practice es that ensure th hat the proper controls c are pla aced ove er an environm ment to preve ent application, , information, identity, and access issues. The Open Clo oud Co onsortium (OCC C) was formed in 2008 for the e purpose of cl loud security. One O of its goals s is to support the dev velopment of standards for clo oud computing g and framewor rks for interope erating between n clouds. The OCC O has s the following two major work king groups tha at deal the cloud d standards: up on standards and interoper ratibility for clou uds that provide on-demand co omputing capac city: Working grou Develops stan ndards for the in nteroperatibility y between the storage s clouds and a the compute e clouds. Working group on informat tion sharing, se ecurity, and clo ouds: Focuses on o standards an nd standards-ba ased architecture for sharing the e information between b the clouds. The emp phasis is on clo ouds belonging g to anizations and subject s to differe ent policies. The e group also exa amines security y in the cloud. different orga Th he Cloud Securit ty Alliance (CSA A) formed in la ate 2008 when cloud c security became b importa ant in users min nds. Th he CSAs goal is s to promote a series of best practices p to prov vide security as ssurance in clou ud computing. The obj jectives of CSA are as follows:

u between user rs and provid ders of cloud computing regarding r secu urity Promoting understanding requirements s Researching best b practices fo or cloud security y Launching aw wareness campa aigns about clou ud security solu utions Creating cons sensus lists of is ssues and guida ance for cloud se ecurity assuranc ce Aft ter discussing th he cloud securit ty, lets understand the Window ws Azure platfo orm.

Wind dows Azure Platfor rm

Th he Windows Az zure platform is a platform th hat is used for the developme ent and the dep ployment of clo oud ser rvices. This plat tform is built of f components th hat provide spe ecific functional lity to various cloud c services. The Wi indows Azure platform p has br rought significa ant change in th he architecture, development, and a deploymen nt of clo oud services. This T platform supports differ rent types of applications, such s as rich client and Inter rnet app plications, Web b services appli ications, Server r applications, and a Mobile applications. The developers of the dif fferent types of f applications in nclude Window ws Azure platfo orm for the arc chitecture and deployment of the app plications on th he cloud. This is basically a set of building blocks b of platfo orm, middlewa are, enterprise, and con nsumer services s for building cl loud services. This T platform pr rovides Window ws Azure that is s a cloud operat ting sys stem, SQL Azure which is a cloud c database, .NET services, , and Live serv vices. The motiv ve of the Windo ows Az zure platform is s to help develo opers for buildi ing cloud servic ces according to o the requireme ents. This platfo orm als so provides Internet scale infras structure for dep ploying distribu uted application ns and services. Visual Studio (VS) ( 201 10 can be used to develop clou ud service and can deploy it on o the Azure pl latform. This he elps critical pro oject res sources to emp phasize on solu ution design an nd delivery in spite s of manag ging dependenc cies present in the int ternal infrastruc cture. Figure H.2 H shows the three t main com mponents SQLA Azure, AppFab bric, and Windo ows Az zure of the Wind dows Azure pla atform.

Figure H.2: Dis splaying the Arc chitecture of the e Windows Azur re Platform

Th he components are a explained lat ter in this chapt ter. Let ts learn how to o enable the Win ndows Azure To ools in VS 2010.

Appen ndix H

Enab bling the Windows Wi Azu ure Tools

Th he Windows Azure A Tools for r VS 2010helps s developers to create, build d, debug, run, and deploy Web W app plications and services s from VS V 2010 IDE on Windows Azur re. Initially the Windows Azur re Tools in VS 2010 2 are e not enabled. You Y can enable the Windows Az zure Tools by performing the following steps: 1. 2. 3. Open the New w Project dialog g box. Select the Clo oud option from m the Installed te emplates. The Enable E Windows Azure Tools template appear rs in the middle pa ane. Click the OK K button after entering the na ame and Locat tion in their respective text boxes, b as shown n in Figure H.3:

Figure H.3: Disp playing the Azu ure Platform

s you are using g the Windows Azure platform m for the first time, t the .NET Framework pr rompts you to first f As download the Win ndows Azure To ools for Microso oft Visual Studio, as shown in Figure F H.4:

Figur re H.4: Downloa ading the Windo ows Azure Tools

You u can also downlo oad the Tools dire ectly from http p://www.microsoft t.com/downloads/d /details.aspx?Fam milyID=2274a0a8-5 5d37-4eac-b50a-e e197dc340f6f&dis splaylang=en

4. 5.

Download th he VSCloudServ vice.exe file and save it on the co omputer hard drive. d Close the Visual Studio 2010 0 framework; oth herwise, the ins stallation wizard d not execute properly.

10

Creating Business Objec cts

6. 7.

Double click the VSCloudSer rvice.exe file to initiate the installation. Click the Con ntinue button to o move to the ne ext step, as show wn in Figure H.5 5:

F Figure H.5: Star rting the Installa ation Wizard

8.

Click the Nex xt button in the Welcome page of the wizard to o move to the ne ext step, as show wn in Figure H. .6:

Figure H.6: Displaying g the Welcome Page P in the Wizard

9.

Select the I have h read and accept the lice ense terms chec ck box and clic ck the Next bu utton, as shown n in Figure H.7:

1 11

Appen ndix H

Figure H.7: Acc cepting the Lice ense Terms

Th he wizard displa ays the progress s bars during the e installation of f the software, as shown in Figu ure H.8:

Figure H.8: Installing the Software S

10. . Click the Fini ish button to com mplete the insta allation, as show wn in Figure H.9 9:

12

Creating Business Objec cts

Figure H.9: Co ompleting the In nstallation

You u have to open the Visual Studio 20 010 in administrat tor mode to create e the application.

Aft ter completing the installation of Widows Azu ure Tools, open n the New Project dialog box an nd select the Clo oud node in the Instal lled Templates pane. Next, sel lect the Window ws Azure Cloud Service optio on from the mid ddle ne, as shown in n Figure H.10. pan 11. . Provide a nam me for the application, which in i this case is MyFirstCloudAp M pplication and specify a location n to save the appl lication (Figure H.10). 12. . Click the OK button in the dialog box, as shown in Figure H.10: H

Figure H.10: Opening the t Windows Az zure Cloud Serv vice

1 13

Appen ndix H

Th he New Cloud Service S Project dialog d box appe ears (Figure H.1 11). In this dialo og box, you need d to select roles s for cre eating your application. For exa ample, the ASP.NET Web Role e creates an application with a Web W user interf face. Sim milarly, the Wor rker Role creates the backgroun nd processing ap pplication. 13. . Select the AS SP.NET Web Ro ole and Worker Role options fr rom the .NET Framework 4 rol les group and click c the forward arrow a button to add the roles in n the Cloud Serv vice Solution gr roup. 14. . Rename ASP.NET Web Role e to WebRole an nd Worker Role to WorkerRole as shown in Fig gure H.11. 15. . Click the OK button, as show wn in Figure H.1 11:

Figure H.11: Selecting g the ASP.NET Web W Role Interfa ace

Th he cloud application opens as sh hown in Figure H.12:

Figure H.12: Disp playing the Wor rker Role page

14

Creating Business Objec cts

16. . Open the Def fault.aspx page in the Source vi iew and add the e following code shown in Figu ure H.13:

Fig gure H.13: Addi ing the Code in Default.aspx pa age 17. . Open the De esign View and d double click the button con ntrol and add the following code as shown n in Figure H.14:

Figure H.14: H Displaying g the Code of De efault.aspx.cs Page P

18. . Open the Se erviceConfiguration.cscfg file and a set the Ins stance count to o 3 in the Web bRole as shown n in Figure H.15:

1 15

Appen ndix H

Fig gure H.15: Modi ifying the Servic ceConfiguration n.cscfg File 19. . Press F5 key y to execute th he application. The Developm ment Storage Initialization I dialog box appe ears (Figure H.16) ). 20. . Click the OK K button in the Development Storage S Initializ zation Window w to view the output as shown n in Figure H.16:

Figu ure H.16: Initializing the Develo opment Storage e

21. . Click the Clic ck Here button as a shown in Fig gure H.17:

16

Creating Business Objec cts

Figure e H.17: Displaying the Output of o the Applicatio on

22. . Click the Sho ow hidden icon arrow a in the tas skbar to view th he hidden icons (Figure H.18). 23. . Right-click th he Developmen nt Fabric icon an nd select Show w Development Fabric UI in th he context menu u as shown in Figu ure H.18:

Figu ure H.18: Openi ing the Develop pment Fabric UI

Th he Development t Fabric is displa ayed (Figure H.1 19). 24. . Open the nod de of Web Role to t view the inst tances created in n the application n as shown in Figure F H.19.

Figure H.1 19: Displaying the Nodes in the e Development Fabric

1 17

Appendix H

After creating the application, you need to Publish it for deployment. The Publish process compiles and builds the solution. It creates a new service package that includes a zip file, and configuration files for the solution. Visual Studio opens the directory where the service package is created after completion of the publish process. It also opens the browser and navigates to the Azure services developer portal. Now, you have to login to the Azure Services management portal using your Live ID. After enabling the Windows Azure Tools, lets discuss the Windows Azure operating system.

Windows Azure Operating System

The Windows Azure operating system is used for running cloud services on the Windows Azure platform as it includes necessary features for hosting your services in the cloud. It also provides runtime environment that consists of Web server, computational services, basic storage, queues, management services, and load balancers. The operating system provides development fabric for development and testing of services before their deployment on the Windows Azure in the cloud. Windows Azure provides three core services which are given as follows:

ComputeOffers scalable hosting of services on Windows Server 2008 operating system or platform. The platform has been designed to scale based on the requirements of the user. This platform is based on the concept of virtualization. The platform executes on the Internet Information Server (IIS) 7 or higher version which can be used with ASP.NET Web applications. The operating system layer also includes abstraction that means only important information should be available to the user instead of all the information. The developers uses the abstraction for developing managed and unmanaged services for deploying in the Windows Azure computing cloud without going in depth of the organization of the operating systems. StorageStores the data in the form of tables, blobs, and queues and are supported by Windows Azure. The tables present in the Windows Azure are not similar to relational database tables, such as SQL Server tables. The Windows Azure has entity data model which is an independent data model. It provides structured data storage capabilities. The tables present in the database can store large amount of data, such as in terabytes. Windows Azure blobs have the capability to store large collection of binary data, such as videos, images, and music, in the cloud environment. A single blob can contain 50 GB of data. The queues present in the Windows Azure acts as asynchronous communication channels for connecting services between services and applications present in cloud and can also be used to establish communication between multiple Windows Azure role instances. It can also support unlimited number of messages but the size of the message cannot exceed 8KB. ManagementProvides the automated infrastructure and capabilities of service management to Windows Azure cloud services. The main features of the capabilities are automated virtual machines, deploying services in virtual machines, configuring switches, access routers, and load balancers to maintain the user defined state of the service. The fabric controller present in the management service maintains the health of the service and abstracts the infrastructure of virtual platform from the compute and storage services. Dynamic upgradation of services is also supported by the fabric controller. The Windows Azure management service supports features such as custom logging, tracing, and service usage monitoring.

SQL AZURE
The Windows Azure platform contains a relational database called SQL Azure. It is built on the core SQL Server product code base and provides core relational database management system capabilities as a service. The SQL Azure is the highly scalable and available database utility service present in the cloud environment and runs on the Microsoft data centers present globally. The data center enriches the SQL Azure service with load balancing, failover, and replication capabilities. The standard mechanism for accessing SQL Azure is by using tabular data stream through SQL client. The SQL client can be ADO.NET, Language-Integrated Query (LINQ), Open Database Connectivity (ODBC), Java Database Connectivity (JDBC), ADO.NET Entity Framework, or ADO.NET Data Services. If you want to create the connection using ADO.NET then you have to pass connection string of the database received from the server admin page of the SQL Azure developer portal. The SqlConnectionStringBuilder class is used to create the SQL Azure database connection string. After the connection string is created, you can connect with the SQL Azure database by opening the SqlConnection to the

18

Creating Business Objects

database. In the ADO.NET connection to SQL Azure database, you have to enter the server name, username, password, and database name. The SQL Azure also supports the administrative features such as Plan and Statistics, Index tuning, and Query tuning and is based on SQL Server though it has some limitations because of Internet availability and cloud deployment. The most significant limitation of the SQL Azure is that its size cant be more than 10 GB. Therefore, the database administrator has to make plan for the management and growth of the data accordingly. The core services provided by the SQL Azure are given as follows: Relational Data StorageUses all the SQL Server capabilities such as tables, indexes, views, stored procedures, and triggers. It is based on the core SQL Server code base and is the important component of SQL Azure. Data SyncProvides the synchronization and aggregation of data from SQL Azure to enterprise, workstations, partners, and consumers devices with the help of Microsoft (MS) sync framework. ManagementManages the security capabilities, billing, load-balancing, failover, and automatic provisioning of the SQL Azure. The database in SQL Azure replicates to one primary and two secondary servers. The switching between the primary server and the secondary server is automatic without any hindrance during failover. Data AccessDescribes the distinct methods to access the SQL Azure programmatically. The developers can access SQL Azure from the cloud services deployed in Windows Azure. The SQL Azure supports Tabular Data Stream, LINQ, JDBC, and ODBC clients. The Windows Azure cluster of computing and a SQL Azure are used together for rapid access of data. In addition to core services, the SQL Azure also supports the following database operations:

CRUD operations on tables, views, and indexes TSQL query JOIN statements Triggers TSQL functions Application stored procedures Table constraints Session-based temp tables Tables variables Local transactions Security roles

AppFabric
The AppFabriccomponent is used to create access control and distribute messages across clouds and enterprises. It has service oriented architecture and can be considered as backbone of the Windows Azure platform. It provides connectivity and messaging among distributed applications. It also has the capabilities of integrating the applications and the business processes between cloud services and also between cloud services and global applications. The AppFabric component provides a development environment that is integrated with Visual Studio 2010.The Windows Communication Foundation (WCF) services built in VS 2010can be published on cloud from the Visual Studio design environment. The two important services of AppFabric are following:

Access Control Service (ACS)Allows rules-driven, claims based access control for distributed applications. These claims-based rules and authorization roles can be defined in the cloud for accessing onpremise and cloud services. The claim can be user or application attribute which the service application expects, such as e-mail address, phone number, password, and role, for appropriate access control. When any application wants to use the Web service, it sends the required claims to ACS for requesting a token.ACS converts the input claims into output claims by following the rules of mapping. These rules are created during the configuration of ACS. The ACS issues a token containing output claims for the consumer application. This application used this token in the request header and sends to the Web service. This service validates the claims in the token and gives suitable access to the user. Service busProvides messaging between cross-enterprise and cross-cloud scenarios. It provides publish/subscribe, point-to-point, and queues message patterns for exchange of messages across

19

Appen ndix H

distributed ap pplications in th he cloud. It inte egrates with the e Access Contro ol service to est tablish secure re elay and commun nication. It consists of the follow wing four main n services that are a used by dif fferent kinds of onpremises as well w as cloud ser rvices: SecurityChallenges ar re the biggest concern c for an organization in n deploying ap pplications. In the t cloud env vironment, the data is expose ed and prone not n only to exte ernal threats bu ut also to intern nal threats. To T overcome the e threats, the service bus provi ides two main options, o ACS in ntegration and end e to end sec curity, for secur ring transportation of messages s from clients to o services. Naming service s Allow ws you to define DNS capable na ames to the serv vice, which ena ables the service e to resolve over the Internet t as it is based on DNS where e every resource e on the Interne et can be resolv ved using nam mes.DNS is bas sed on hierarch hical architectur re in which on ne root domain consists of ma any subdoma ains; and therefo ore, resembles a tree structure e. The Internet DNS system was w developed for referring the static resou urces, such as Web W pages and Web W sites, where e application ca an be modified but b domain name n always rem mains the same e. In the cloud service environm ment, there can be any number r of cloud ser rvices and subse ervices that may register and unregister u them mselves from the e DNS dependi ing on the clo oud service requ uirements. Service registry r Consists of registrati ion and discove ery service for servicing endp points. It provid des Atom fee ed to the applic cation. The Atom m feed exposes s a tree structur re in which you u can manually or programm matically naviga ate to the servic ce endpoint. Messagin ng fabricEnab bles the transfer r and communication of messa ages between cli ients and servic ces. The mess saging fabric ex xposes the serv vice endpoints into the cloud d for cloud dep ployed services. . It integrates s with ACS to provide p message e level security.

Wind dows Azure Live Se ervices

Liv ve services can be defined as the set of bui ilding blocks th hat resides in the t Windows Azure A platform for ma anaging the use er data and ap pplication resou urces. It is basic cally a collectio on of centralize ed applications for han ndling user and a framework ks, such as id dentity manage ement, search, , storage, com mmunications, and syn nchronization. Live services includes i Live framework for r building them m. The Live fr ramework has the cap pability for deve eloping synchro onized applicati ions also known n as Mesh appli ications to synch hronize data acr ross number of deskt tops and mobile devices with hout any inter rruption. It also provides a local l developm ment env vironment that is integrated with w VS 2010and d a local runtim me environment t for the application developm ment and d testing. Figure e H.20 displays the different co omponents of Li ive services:

Figure H.2 20: Displaying the t Live Service es Core Components

Let ts discuss each component of Live L Services ar re as follows:

esProvides the access to use er services, dev vice services, ap pplications serv vices, and the data d Mesh service synchronized d across them. The T user servic ce manages the sharing of reso ources across devices. d The dev vice service mana ages the sharing and security of the user de evices over the Internet. The application a serv vice handles the deployment, d con nfiguration, and d versioning an nd accesses the controls of app plications. The data d

20

Creating Business Objec cts

sync service provides the fa acility of synchr ronization of da ata across multi iple devices, ap pplications, and the cloud. Identity ser rvicesHandle es the identity management and a delegated authentication across the vari ious Live services, , such as Windo ows Live Identit ty Provider. Directory ser rvicesHandles the manageme ent of the relatio onships and the e users graphs, identities, devi ices, applications, and their conne ected network, such s as relation nship between users u and device es in Live Mesh. anages the trans sient and persis stent data storage for the users s, devices, and applications in the StorageMa Mesh, such as s Windows Live e Skydrive and Live Mesh stora age. Communicat tions and Pres senceEstablish hes the commu unications infrastructure betw ween devices and applications, and manages their present in nformation for connection and d display, such h as Windows Live L Messenger. SearchOffe ers search capab bilities to users, websites, and applications, a suc ch as Bing. Geospatial: Provides P geograp phical mapping g, location, routi ing, search, geoc coding, and the e reverse geocod ding services to Web W sites and app plications, such h as Bing Maps. Live Framewo orkUses for programming p o Live services of s across platform ms, programmi ing languages, and devices. The three componen nts of Live fram mework model are a Live operati ing environmen nt, Resource mo odel, gramming mod del. and Live prog

Wind dows Azure Service e Life Cycle

Th he aim of Windo ows Azure is to automate the service s life cycle e to great extent t. The Windows s Azure service life cyc cle has five disti inct phases and four different roles r which are shown in Figure H.21:

Figure H.21: Displaying th he Windows Azu ure Service Life e Cycle

Let ts discuss the roles present in the t Windows Azure A Service Li ife Cycle. The Developer D develo ops the services s for the e cloud using the t Windows Azure A platform. After develop pment of the se ervice, it is teste ed by the teste er to ens sure whether th he service is be ehaving in the same s way as ex xpected. If the service is execu uting fine then the ser rvice is deployed on the cloud by b the deployer r. The fabric con ntroller then upg grades the servi ice deployed on n the clo oud. No ow, Lets discus ss each of the ph hases of the Win ndows Azure se ervice life cycle. The phases an nd their descript tion are e as follows:

D p phase Plans, designs, d and de evelops a cloud d service for Wi indows Azure. The Design and Development design consis sts of quality at ttribute requirem ments for the service s and the solution to fulf fill them. The most m important rol le involved duri ing this phase is s of stakeholder rs.

2 21

Appendix H

Testing phaseTests the quality attributes of the cloud service. This phase involves on premise as well as Windows Azure cloud testing. The tester role is the key role in this phase which tests the end to end quality attributes of the service deployed into cloud testing or staging environment. Provisioning phaseProvisions the application to the Windows Azure cloud after testing phase. The deployer is the key role in this phase, which deploys the cloud service to the Windows Azure cloud and is in charge of service configurations. The configurations settings are defined by the developer but the production values are defined by the deployer. It also ensures that service definition of the cloud service should be achieved through proper production deployment in the Windows Azure cloud. During this phase, the role and responsibilities transition from on-premise to the Windows Azure cloud. Deployment phaseAllocates the hardware nodes into the end state and deploys on these nodes as described in the service model and configuration. In this phase, the fabric controller upgrades the service in running state without any interruption. The fabric controller also abstracts the hardware commissioning and deployment from the services. The commissioning of hardware includes deploying the operating system images on the nodes, configuring switches, access routers, and load balancers for external roles, such as Web role. Maintenance phaseRedeploys the service automatically and transparently on failure and the fabric controller automatically restarts the service. The fabric controller allocates new hardware in the situation of hardware failure. The desired number of roles irrespective of any service, hardware, and operating system failures are always maintained by the fabric controller. It also offers a set of dynamic management capabilities, such as adding capacity, reducing capacity, and service upgrades, without any service interruption. Therefore, the fabric controller hides the Windows Server operating system and the hardware from the service role instances, and performs the following important tasks: Allocating of the nodes

Initiating of operating system images on the nodes Handling the configuration of settings according to the service model defined by the service creator Initiating the service roles on allocated nodes Handling the configuration of load balancers, access routers, and switches Maintaining of desired number of role instances of the service irrespective of the service, hardware,
and operating system failures

22